Re: How to use SpamAssassin from PHP?
On 4/17/07, Derek Harding [EMAIL PROTECTED] wrote: On Tue, 2007-04-17 at 16:52 +0530, BG Mahesh wrote: hi I want to pass the comments/text entered by users on a form to SpamAssassin for approval. If it approves it only then I want to accept the text, else I want to inform the user that the text is Spam and reject the user's comments. We use PHP and want to know how to implement this. Someone asked about SA from PHP on this list back in March. Here is what I wrote then: #!/usr/bin/php -q ? $fname = tempnam(/tmp, sa); file_put_contents($fname, $message); exec(/usr/bin/spamc -c $fname, $score, $res); if ($res == 1) echo It's spam.\n; unlink($fname); ? TBH I'm not sure SA is really going to help you here since you'll have zero headers for it to work on meaning you're pretty much down to content URIBL checks. Derek We have tested this on http://cause.greynium.com/spamtest.php We have constructed a Mail header, concatenating $message to $header and passing the contents of $header to the code given above. We have installed the script from rulesemporium to update the cf files. What could we be missing? -- -- B.G. Mahesh http://www.greynium.com/ http://www.oneindia.in/ http://www.click.in/ - Free Indian Classifieds
Re: How to use SpamAssassin from PHP?
On Wed, May 9, 2007 09:36, BG Mahesh wrote: We have tested this on http://cause.greynium.com/spamtest.php We have constructed a Mail header, concatenating $message to $header and passing the contents of $header to the code given above. We have installed the script from rulesemporium to update the cf files. What could we be missing? Are you saying something isn't working?
Re: How to use SpamAssassin from PHP?
On 5/9/07, Duncan Hill [EMAIL PROTECTED] wrote: On Wed, May 9, 2007 09:36, BG Mahesh wrote: We have tested this on http://cause.greynium.com/spamtest.php We have constructed a Mail header, concatenating $message to $header and passing the contents of $header to the code given above. We have installed the script from rulesemporium to update the cf files. What could we be missing? Are you saying something isn't working? The content should be reported as Spam. The score (when I run from command line is just about 1.0 and required is 5.0). The text in $message have very hardcore words. Shouldn't it be marked as spam? Are we formating the header correctly (i.e. each line is ending with \n)? regards, -- -- B.G. Mahesh http://www.greynium.com/ http://www.oneindia.in/ http://www.click.in/ - Free Indian Classifieds
Re: How to use SpamAssassin from PHP?
To ensure all is working okay, why not take a existing SPAM message and construct the $message from that and test ? On Wed, 9 May 2007 14:40:52 +0530, BG Mahesh [EMAIL PROTECTED] wrote: On 5/9/07, Duncan Hill [EMAIL PROTECTED] wrote: On Wed, May 9, 2007 09:36, BG Mahesh wrote: We have tested this on http://cause.greynium.com/spamtest.php We have constructed a Mail header, concatenating $message to $header and passing the contents of $header to the code given above. We have installed the script from rulesemporium to update the cf files. What could we be missing? Are you saying something isn't working? The content should be reported as Spam. The score (when I run from command line is just about 1.0 and required is 5.0). The text in $message have very hardcore words. Shouldn't it be marked as spam? Are we formating the header correctly (i.e. each line is ending with \n)? regards, -- -- B.G. Mahesh http://www.greynium.com/ http://www.oneindia.in/ http://www.click.in/ - Free Indian Classifieds -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- --[ UxBoD ]-- // PGP Key: curl -s http://www.splatnix.net/uxbod.asc | gpg --import // Fingerprint: 543A E778 7F2D 98F1 3E50 9C1F F190 93E0 E8E8 0CF8 // Keyserver: www.keyserver.net Key-ID: 0xE8E80CF8 // Phone: +44 (0) 845 869 2749 SIP: [EMAIL PROTECTED] -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Re: How to use SpamAssassin from PHP?
I ran your first sample through SA here and got the following score :- X-Spam-Status: Yes, score=6.5 required=5.0 tests=BAYES_50,FRT_PENIS1, HTML_MESSAGE,HTML_MIME_NO_HTML_TAG,MIME_HTML_ONLY,MISSING_DATE,MISSING_HB_SEP, MISSING_MID,NO_RECEIVED,NO_RELAYS autolearn=no version=3.2.0 Regards, On Wed, 9 May 2007 10:22:55 +0100, --[ UxBoD ]-- [EMAIL PROTECTED] wrote: To ensure all is working okay, why not take a existing SPAM message and construct the $message from that and test ? On Wed, 9 May 2007 14:40:52 +0530, BG Mahesh [EMAIL PROTECTED] wrote: On 5/9/07, Duncan Hill [EMAIL PROTECTED] wrote: On Wed, May 9, 2007 09:36, BG Mahesh wrote: We have tested this on http://cause.greynium.com/spamtest.php We have constructed a Mail header, concatenating $message to $header and passing the contents of $header to the code given above. We have installed the script from rulesemporium to update the cf files. What could we be missing? Are you saying something isn't working? The content should be reported as Spam. The score (when I run from command line is just about 1.0 and required is 5.0). The text in $message have very hardcore words. Shouldn't it be marked as spam? Are we formating the header correctly (i.e. each line is ending with \n)? regards, -- -- B.G. Mahesh http://www.greynium.com/ http://www.oneindia.in/ http://www.click.in/ - Free Indian Classifieds -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- --[ UxBoD ]-- // PGP Key: curl -s http://www.splatnix.net/uxbod.asc | gpg --import // Fingerprint: 543A E778 7F2D 98F1 3E50 9C1F F190 93E0 E8E8 0CF8 // Keyserver: www.keyserver.net Key-ID: 0xE8E80CF8 // Phone: +44 (0) 845 869 2749 SIP: [EMAIL PROTECTED] -- --[ UxBoD ]-- // PGP Key: curl -s http://www.splatnix.net/uxbod.asc | gpg --import // Fingerprint: 543A E778 7F2D 98F1 3E50 9C1F F190 93E0 E8E8 0CF8 // Keyserver: www.keyserver.net Key-ID: 0xE8E80CF8 // Phone: +44 (0) 845 869 2749 SIP: [EMAIL PROTECTED] -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Re: How to use SpamAssassin from PHP?
On Wed, May 9, 2007 10:10, BG Mahesh wrote: On 5/9/07, Duncan Hill [EMAIL PROTECTED] wrote: On Wed, May 9, 2007 09:36, BG Mahesh wrote: We have tested this on http://cause.greynium.com/spamtest.php We have constructed a Mail header, concatenating $message to $header and passing the contents of $header to the code given above. We have installed the script from rulesemporium to update the cf files. What could we be missing? Are you saying something isn't working? The content should be reported as Spam. The score (when I run from command line is just about 1.0 and required is 5.0). The text in $message have very hardcore words. Shouldn't it be marked as spam? Are we formating the header correctly (i.e. each line is ending with \n)? 'hardcore' words are not necessarily enough to determine that an item is spam. I suggest you start your testing with a real spam mail (and you can find quite a lot of those in places like news.admin.net-abuse.sightings), using the SpamAssassin command line interface. Once you're happy that it scores mail properly, feed the body plus your custom headers to the command line interface. Bear in mind that a good chunk of the SA rules check headers for things like invalid timestamps, spam signs etc, so your effectiveness may be crippled.
Re: How to use SpamAssassin from PHP?
The content should be reported as Spam. The score (when I run from command line is just about 1.0 and required is 5.0). The text in $message have very hardcore words. Shouldn't it be marked as spam? Are we formating the header correctly (i.e. each line is ending with \n)? 'hardcore' words are not necessarily enough to determine that an item is spam. I suggest you start your testing with a real spam mail (and you can find quite a lot of those in places like news.admin.net-abuse.sightings), using the SpamAssassin command line interface. Once you're happy that it scores mail properly, feed the body plus your custom headers to the command line interface. Bear in mind that a good chunk of the SA rules check headers for things like invalid timestamps, spam signs etc, so your effectiveness may be crippled. Thanks..will do that. I agree that the message we are testing against are very short but I think most of the user generated content on our site will be short (feedback, comments etc). So I guess we will have to write a lot more custom rules to achieve what we really want. regards, -- -- B.G. Mahesh http://www.greynium.com/ http://www.oneindia.in/ http://www.click.in/ - Free Indian Classifieds
Re: How to use SpamAssassin from PHP?
Hi, BG Mahesh wrote: The content should be reported as Spam. The score (when I run from command line is just about 1.0 and required is 5.0). The text in $message have very hardcore words. Shouldn't it be marked as spam? Are we formating the header correctly (i.e. each line is ending with \n)? 'hardcore' words are not necessarily enough to determine that an item is spam. I suggest you start your testing with a real spam mail (and you can find quite a lot of those in places like news.admin.net-abuse.sightings ), using the SpamAssassin command line interface. Once you're happy that it scores mail properly, feed the body plus your custom headers to the command line interface. Bear in mind that a good chunk of the SA rules check headers for things like invalid timestamps, spam signs etc, so your effectiveness may be crippled. Thanks..will do that. I agree that the message we are testing against are very short but I think most of the user generated content on our site will be short (feedback, comments etc). So I guess we will have to write a lot more custom rules to achieve what we really want. Or lower the spam threshold... Or raise the scores of the rules that are hitting... -- Anthony Peacock CHIME, Royal Free University College Medical School WWW:http://www.chime.ucl.ac.uk/~rmhiajp/ If you have an apple and I have an apple and we exchange apples then you and I will still each have one apple. But if you have an idea and I have an idea and we exchange these ideas, then each of us will have two ideas. -- George Bernard Shaw
Re: How to use SpamAssassin from PHP?
On Wed, May 9, 2007 10:10, BG Mahesh wrote: On 5/9/07, Duncan Hill [EMAIL PROTECTED] wrote: On Wed, May 9, 2007 09:36, BG Mahesh wrote: We have tested this on http://cause.greynium.com/spamtest.php We have constructed a Mail header, concatenating $message to $header and passing the contents of $header to the code given above. We have installed the script from rulesemporium to update the cf files. What could we be missing? Are you saying something isn't working? The content should be reported as Spam. The score (when I run from command line is just about 1.0 and required is 5.0). The text in $message have very hardcore words. Shouldn't it be marked as spam? Are we formating the header correctly (i.e. each line is ending with \n)? 'hardcore' words are not necessarily enough to determine that an item is spam. I suggest you start your testing with a real spam mail (and you can find quite a lot of those in places like news.admin.net-abuse.sightings), using the SpamAssassin command line interface. Once you're happy that it scores mail properly, feed the body plus your custom headers to the command line interface. Bear in mind that a good chunk of the SA rules check headers for things like invalid timestamps, spam signs etc, so your effectiveness may be crippled.
Re: How to use SpamAssassin from PHP?
BG Mahesh wrote: hi I want to pass the comments/text entered by users on a form to SpamAssassin for approval. If it approves it only then I want to accept the text, else I want to inform the user that the text is Spam and reject the user's comments. We use PHP and want to know how to implement this. regards, -- -- B.G. Mahesh http://www.greynium.com/ http://www.oneindia.in/ http://www.click.in/ - Free Indian Classifieds If you're going to do this, and you will be learning messages from that format, then I would recommend using that SA install only for that purpose, and do not try to use it for scanning mail as well. -=Aubrey=-
Re: How to use SpamAssassin from PHP?
On Tue, April 17, 2007 12:22, BG Mahesh wrote: hi I want to pass the comments/text entered by users on a form to SpamAssassin for approval. If it approves it only then I want to accept the text, else I want to inform the user that the text is Spam and reject the user's comments. We use PHP and want to know how to implement this. system() or popen() http://uk.php.net/manual/en/function.popen.php Better to call spamc rather than spamassassin.
Re: How to use SpamAssassin from PHP?
On Tue, 2007-04-17 at 16:52 +0530, BG Mahesh wrote: hi I want to pass the comments/text entered by users on a form to SpamAssassin for approval. If it approves it only then I want to accept the text, else I want to inform the user that the text is Spam and reject the user's comments. We use PHP and want to know how to implement this. Someone asked about SA from PHP on this list back in March. Here is what I wrote then: #!/usr/bin/php -q ? $fname = tempnam(/tmp, sa); file_put_contents($fname, $message); exec(/usr/bin/spamc -c $fname, $score, $res); if ($res == 1) echo It's spam.\n; unlink($fname); ? TBH I'm not sure SA is really going to help you here since you'll have zero headers for it to work on meaning you're pretty much down to content URIBL checks. Derek
How to use SpamAssassin from PHP?
hi I want to pass the comments/text entered by users on a form to SpamAssassin for approval. If it approves it only then I want to accept the text, else I want to inform the user that the text is Spam and reject the user's comments. We use PHP and want to know how to implement this. regards, -- -- B.G. Mahesh http://www.greynium.com/ http://www.oneindia.in/ http://www.click.in/ - Free Indian Classifieds
Re: How to use SpamAssassin from PHP?
On Tuesday 17 April 2007 04:44, Derek Harding wrote: TBH I'm not sure SA is really going to help you here since you'll have zero headers for it to work on meaning you're pretty much down to content URIBL checks. You can always construct a message header (I try to use the RFC 2822 terminology: it's one _header_ consisting of multiple _fields_, like Subject, Received etc.) from the information available. Don't be honest and say that you Received the post with HTTP though - SA will think that the sender was authenticated! I agree that a dedicated configuration, in particular a separate bayes DB, is recommended. It shouldn't have to be a completely separate _installation_ though. -- Magnus Holmgren[EMAIL PROTECTED] (No Cc of list mail needed, thanks) pgp2HjDr92zQU.pgp Description: PGP signature
